Over 50k TransUnion Customers Exposed in Breach
Table of Contents
- By Steven
- Sep 21, 2023
According to a recent data dump on a hacker forum, credit giant TransUnion was recently the victim of a data breach. It's unclear whether the company itself was breached, but it does appear that TransUnion customers have been compromised. Find out more to see what the potential risk is to you, if any.
How Did the Attack Occur?
According to USDoD, a hacker that posted data on BreachForums, a total of 3GB of information was stolen from TransUnion, including information for approximately 58,505 people. The data was posted on March 2, 2023, so it's likely that the data was taken before then. TransUnion has commented about the breach, saying that no information was taken directly from its systems. If the data was not taken from TransUnion directly, a partner working with the company is likely at fault. TransUnion likely relies on vendors and service providers for some of its services. One of these companies could have been the source of the breach.
What Information Was Viewed or Stolen?
A significant amount of information was taken from individuals within the TransUnion database. Items such as first and last names, marital status, employer information, age, date of birth, credit scores, employer information, any loan information, and more. This information could be used to launch phishing attacks and potentially result in identity theft. The data breach potentially compromises people throughout the United States and in other parts of the world and is a serious issue.
How Did TransUnion Admit to the Breach?
TransUnion commented on the breach, stating the information didn't come from its servers and that it is investigating the data loss closely. News of the data loss originally came from a hacker known as USDoD, who posted information about it on BreachForums. A total of 3 GB of data files were put up on the forum, exposing tens of thousands of people. TransUnion didn't make an announcement or inform its customers about the breach; the company only made comments to the media about the situation.
What Will Become of the Stolen Information?
It's impossible to say exactly how the stolen information will be used. It's likely the data will be leveraged for identity theft attacks if possible, and it will be useful for phishing attacks. When conducting a phishing attack, hackers leverage personal information to trick users into providing even more useful data. These attacks normally come via email or text message, and they look official and make people think they are providing trusted companies with the data they need. If you receive a request via email or text message, avoid clicking any links, and don't send personal information to the individuals requesting it.
What Should Affected Parties Do in the Aftermath of the Breach?
If you're concerned about having your data exposed through the TransUnion breach, you can take a few steps to safeguard yourself. The first step is always to check your credit for unexpected changes. These changes aren't likely to occur because of this breach, but you should always double-check. Once you do that, you can either invest in identity theft protection or you can opt to freeze your credit for protection. Both actions are likely unnecessary if only the information above was shared, but they would be warranted if your Social Security number was given out. Be careful to avoid clicking on email and text message links, and most importantly, don't give your personal information away to anyone who asks for it unless you trust them completely. If you aren't sure about a company, stop talking with them and contact the company directly to verify a request.